<?php

class LoginAction extends Action{
    private $groupid;
    private $sysConfig;
    private $cache_model;
    private $Config;
    private $menudata;

    function _initialize()
    {
        $this->sysConfig = F('sys.config');
        C('ADMIN_ACCESS',$this->sysConfig['ADMIN_ACCESS']);
        import('@.TagLib.TagLibGr');
    }

    public function index()
    {
        if(is_file(RUNTIME_PATH.'~app.php'))
            @unlink(RUNTIME_PATH.'~app.php');

        if(is_file(RUNTIME_PATH.'~runtime.php'))
            @unlink(RUNTIME_PATH.'~runtime.php');

        if(is_file(RUNTIME_PATH.'~allinone.php'))
            @unlink(RUNTIME_PATH.'~allinone.php');

        $this->menudata = F('Menu');

        $this->cache_model = array('Lang','Menu','Config','Module','RoleUser','Category', 'Posid','Field','Type','Urlrule','Dbsource');
        if(empty($this->sysConfig['ADMIN_ACCESS']) || empty($this->menudata)){
            foreach($this->cache_model as $r){
                savecache($r);
            }
            $this->sysConfig = F('sys.config');
            C('ADMIN_ACCESS',$this->sysConfig['ADMIN_ACCESS']);
        }
        if(!empty($_SESSION['adminid'])){
            $this->assign('jumpUrl',U('Index/index'));
            $this->success(L('logined'));
            exit;
        }
        $this->display();
    }

    public function doLogin()
    {
        $user = M('User');

        if(C('TOKEN_ON') && !$user->autoCheckToken($_POST)){
            $this->error('表单令牌错误');
        }

        if(empty($this->sysConfig['ADMIN_ACCESS'])) {
            $this->error(L('NO SYSTEM CONFIG FILE'));
        }

        $username = trim($_POST['username']);
        $password = trim($_POST['password']);
        $verifyCode = trim($_POST['verifyCode']);

        if (empty($username) || empty($password)) {
            $this->error(L('用户名密码不能为空'));
        } elseif (md5($verifyCode) != $_SESSION['verify']){
            $this->error('验证码错误');
        }

        $condition = array();
        $condition['username'] = array('eq',$username);
        import('ORG.Util.RBAC');

        $authInfo = RBAC::authenticate($condition,'User');
        //使用用户名、密码和状态的方式进行认证
        if (false === $authInfo) {
            $this->error(L('empty_userid'));
        } else {
            if($authInfo['password'] != sysmd5($_POST['password'])) {
                $this->error('登录失败，请重新登录。');
            }
            $_SESSION['username'] = $authInfo['username'];
            $_SESSION['adminid'] = $_SESSION['userid'] = $authInfo['id'];
            $_SESSION['roleid'] = $authInfo['role'];
            $_SESSION['adminaccess'] = C('ADMIN_ACCESS');
            $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
            $_SESSION['email'] = $authInfo['email'];
            $_SESSION['lastLoginTime'] = $authInfo['last_login_time'];
            $_SESSION['login_count'] = $authInfo['login_count']+1;
            session(C('USER_AUTH_KEY'), $authInfo['id']);
            session('userid',$authInfo['id']);  //用户ID
            session('username',$authInfo['username']);   //用户名
            session('roleid',$authInfo['role']);    //角色ID
            RBAC::saveAccessList();
            if ($authInfo['role']==1) {
                $_SESSION[C('ADMIN_AUTH_KEY')] = true;
            }

            //保存登录信息
            $data = array();
            $data['id']  = $authInfo['id'];
            $data['last_login_time']  = time();
            $data['last_ip'] = get_client_ip();
            $data['login_count'] = array('exp','login_count+1');
            $user->save($data);
            // 缓存访问权限
            RBAC::saveAccessList();
            if ($_POST['ajax']) {
                $authInfo['info'] = '登陆成功';
                $this->ajaxReturn($authInfo);
            } else {
                $this->assign('jumpUrl',U('index/index'));
                $this->success('登陆成功');
            }
        }
    }

    function lostpassword()
    {
        if(IS_POST){
            $yzh_auth = authcode($uid."-".$username."-".$email, 'ENCODE',$this->sysConfig['ADMIN_ACCESS'],36000*24*3);//3天有效期
            $url = 'http://'.$_SERVER['HTTP_HOST'].U('Member/Login/regcheckemail?code='.$yzh_auth);

            $click = "<a href=\"$url\" target=\"_blank\">".L('CLICK_THIS')."</a>";

            $message = str_replace(array('{click}','{url}','{sitename}'),array($click,$url,$this->Config['site_name']),$this->member_config['member_emailchecktpl']);

            $r = sendmail($email,L('USER_REGISTER_CHECKEMAIL').'-'.$this->Config['site_name'],$message,$this->Config);
            if($r){
                $this->assign('send_ok',1);
                $this->assign('username',$username);
                $this->assign('email',$email);
                $this->display('Login_emailcheck');
                exit;
            }

        }

        $this->display();
    }

    /**
     * 退出登录
     *
     */
    public function logout()
    {
        if(isset($_SESSION[C('USER_AUTH_KEY')])) {

          unset($_SESSION[C('USER_AUTH_KEY')]);
          unset($_SESSION);
          session_destroy();
          $this->ajaxReturn('安全退出');
        }else {
          $this->assign('jumpUrl',U('login/index'));
          $this->error(L('logined'));
        }
    }

    function checkEmail()
    {
        $user = M('User');
        $email = $_GET['email'];

        $userid = intval($_GET['userid']);

        if(empty($userid)){
          if($user->getByEmail($email)){
            echo 'false';
          }else{
            echo 'true';
          }
        }else{

            //判断邮箱是否已经使用
            if($user->where("id!={$userid} and email='{$email}'")->find()){
                echo 'false';
            }else{
                echo 'true';
            }
        }
        exit;
    }

    public function verify()
    {
        ob_clean();
        header("Content-type: image/png");
        import("@.ORG.Image");
        Image::buildImageVerify(4,1,'png',50,25);
    }

}